Behavioral task
behavioral1
Sample
0253556cd907c56e06aad3d79f115d5c_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0253556cd907c56e06aad3d79f115d5c_JaffaCakes118.exe
Resource
win10v2004-20240508-en
General
-
Target
0253556cd907c56e06aad3d79f115d5c_JaffaCakes118
-
Size
202KB
-
MD5
0253556cd907c56e06aad3d79f115d5c
-
SHA1
4a0ca9d04e1699fff3b5256c89c731a5e9f0a744
-
SHA256
4dc06fdd711f03eb0a3eaf7fd08f9153629674e7ddb4a48410087bb54c775c65
-
SHA512
85f248d8daab55aaf60d354eae2223cb42939696bd40995d8662f7cedf5f45273e0df06fc6d65cb9213e26655d301387dbdeddcd8ef4e9fb9c91a2f0bad0192a
-
SSDEEP
6144:RI/OY3tLyGilOWguqNSK+9rd7oUT7TF6RfQ9:RI2YdRVC77T7TF
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0253556cd907c56e06aad3d79f115d5c_JaffaCakes118
Files
-
0253556cd907c56e06aad3d79f115d5c_JaffaCakes118.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 96KB - Virtual size: 96KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 104KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE